Joao Ribeiro da Silva wrote:
----- Original Message ----- From: "Frank Heckenbach" frank@g-n-u.de To: jrs@developcomponents.com; discussion@fsfeurope.org Sent: Thursday, February 05, 2004 9:49 PM Subject: Re: Question regarding an article fromMicrosft Hellas's CEO
Try to map a network drive or even access to your CD-ROM it will tell you that only the system administrator can do that and because on Unix nobody works as system administrator then the system core never has a virus. In the worst case scenario only the files created by the user can be deleted or damaged not the files from other users so even if we had virus on Unix the impact over the system would be very small (to the user level only).
I've heard this argument, but I don't think it's a very strong point. On most machines the user data are more valuable than the system files. [...]
In this case, I think you are right in one way and wrong in another. Why? Simple. When the programmer of a mallicious trojan, virus or any other tipe of action makes his decision on attacking another computer or computers he whants to destroy as much data as possible. He will not like the idea of the possibilty of damage the data of a single user, no he whants more, alot more.
If the lack of network security would allow the virus to spread, it will eventually reach the other users on a multi-user system anyway, even if local security prevents the direct route.
It's true that a virus can hide in system programs and covertly spread more damage over time, but on Unix systems, they can do almost the same by manipulating the user's aliases, PATH, etc.
Yes, of course, but with the variaty of system configurations on Unix based systems, and other that are costumized by the systems administrators of each different company it can be a hard task to program something that will be really efficient.
Sure, configurations are more diverse, but there are some central points (shell config files etc.) which are rather easy targets of attack, I suppose (no experience myself ;-).
On Unix, as soon a user logs out from the system all applications running with that user permissions are forcelly terminated by the OS itself.
Not at all.
Ok let's say for the majority of the applications this is true, only people that manipulate computers very well, like programmers and systems administrators end up to leave tasks running when logged out.
But we're talking about malicious programs. They could easily arrange to remain running after the user logs out (unless the user or admin has taken special measures to prevent this, which is not usually the case, AFAIK, since there are valid reasons for users to do so, such as long-running background jobs, `screen', etc.).
Frank